"If you're a software enthusiast who has never used OpenBSD before, you might enjoy installing it by yourself and figuring it out as you go. If, however, you're looking for a more practical approach to using OpenBSD 4.1 on a desktop or server machine, here's a quick guide to get you started in this spectacular operating system."

I am a UNIX fan. I use Debian Linux all the time. I believe that a Debian Linux server or a FreeBSD server can be as secure as an OpenBSD server. OpenBSD is secure by default. It's an empty statement. Nobody uses a 'default' server. And define 'secure'. From OpenBSD's point of view, it means: no buffer overflow, no hackable software, etc. That's pretty worthless if you host a buggy PHP website on it or badly configure your mailserver so it becomes a spamhost. Therefore I believe that the security of a server depends on its administrator, not the running OS. Debian and FreeBSD have a very excellent security history. So, if you're looking for a secure OS that is also functional (good hardware support), you're better off with Debian or FreeBSD.

So, if you're looking for a secure OS that is also functional (good hardware support), you're better off with Debian or FreeBSD.

I have found OpenBSD to have very good hardware support, especially in the NIC area. I use OpenBSD on some of my laptops and it supports more wireless cards than my Linux laptops. I use older laptops for my test servers because they give me that "rack" feeling (I even put them on a rack) without the price. They also use less power and keep from heating up my computer room.

BTW: There will be a nice feature in FreeBSD 7 called Red Zone [buffer overflow detection]:

"RedZone, a buffer corruption protection for the kernel malloc(9) facility has been implemented. This detects both buffer underflows and overflows at runtime on free(9) and realloc(9), and prints backtraces from where memory was allocated and from where it was freed. For more details, see the redzone(9) manual page."
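The guard-byte check that the quoted release note describes, shown in userland C as an added example; it is not FreeBSD's redzone(9) code and is not from the original thread. The names `rz_alloc`, `rz_free`, `RZ_SIZE` and `RZ_FILL` are hypothetical, and the example covers only the check at free time, without backtraces or realloc handling.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define RZ_SIZE 16   /* guard bytes on each side (constructed value) */
#define RZ_FILL 0x42 /* guard pattern (constructed value) */
enum { RZ_OK = 0, RZ_UNDERFLOW = 1, RZ_OVERFLOW = 2 };

/* Layout: [size_t len][front guard][user data][rear guard] */
void *rz_alloc(size_t len)
{
    unsigned char *raw = malloc(sizeof(len) + 2 * RZ_SIZE + len);
    if (raw == NULL)
        return NULL;
    memcpy(raw, &len, sizeof(len));
    memset(raw + sizeof(len), RZ_FILL, RZ_SIZE);
    memset(raw + sizeof(len) + RZ_SIZE + len, RZ_FILL, RZ_SIZE);
    return raw + sizeof(len) + RZ_SIZE;
}

static int guard_intact(const unsigned char *g)
{
    for (size_t i = 0; i < RZ_SIZE; i++)
        if (g[i] != RZ_FILL)
            return 0;
    return 1;
}

/* Check both guards at free time, then release; returns a bitmask of RZ_* flags. */
int rz_free(void *ptr)
{
    unsigned char *user = ptr, *raw = user - RZ_SIZE - sizeof(size_t);
    size_t len;
    int status = RZ_OK;
    memcpy(&len, raw, sizeof(len));
    if (!guard_intact(user - RZ_SIZE))
        status |= RZ_UNDERFLOW;
    if (!guard_intact(user + len))
        status |= RZ_OVERFLOW;
    free(raw);
    return status;
}

int main(void)
{
    char *buf = rz_alloc(8);
    if (buf == NULL)
        return 1;
    strcpy(buf, "12345678"); /* 8 chars + NUL: the NUL lands in the rear guard */
    printf("status=%d\n", rz_free(buf));
    return 0;
}
```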

...From OpenBSD's point of view, it means: no buffer overflow, no hackable software, etc. That's pretty worthless if you host a buggy PHP website on it or badly configure your mailserver so it becomes a spamhost.

No buffer overflows and no hackable software are laudable goals; saying that things like this are worthless is extremely ignorant. And then you go on and make absolutely no point at all... If you host a buggy PHP website or a badly configured mailserver on ANYTHING you have a pretty major problem. No, OpenBSD won't save you from stupidity, no one is claiming that it will. But it just might save you from some obscure buffer-overflow someone discovers in bind or sendmail or whatever that allows someone to root your box.

And don't take me the wrong way, I'm not at all picking on Debian or FreeBSD. You're right, their security records are pretty good too. Not as good as OpenBSD, but they do have performance/software/etc advantages for certain uses and depending on your needs either may be a better choice. Use what makes sense to you, but all the reasons you have brought up are bogus.

"at least with buggy PHP, no harm can reach the system as httpd is chrooted by default"

If your website gets defaced or personal data from the users of that website are compromised, do you think a chrooted webserver will prevent any more structural damage? Reputation damage can also be really bad for a company. In case of a buggy PHP website, you are better off with a well designed DMZ and an IDS.

A secure OS is nice. But if I had to choose between "a secure OS and a good administrator" and "a really really secure OS and a bad administrator", I definitely will choose the first one.

It does mean you're not vulnerable after installation and that you don't have to spend countless hours securing it. Start with a secure base and *add* stuff that you need. Seriously, how can you argue that this is not a good strategy?

"From OpenBSD's point of view, it means: no buffer overflow, no hackable software, etc. "

Uh, yeah. What else would it mean? It's not like they can guarantee that you won't screw things up on your own.

"That's pretty worthless if you host a buggy PHP website on it or badly configure your mailserver so it becomes a spamhost."

No shit Sherlock. However...
A seatbelt won't help if you drive your car off a 500-foot cliff, ergo seatbelts are useless?

"So, if you're looking for a secure OS that is also functional (good hardware support), you're better off with Debian or FreeBSD."

Personally I have found that OpenBSD is functional and supports most of my hardware better than Linux.